Operating System:

[Appliance]

Published:

05 August 2019

Protect yourself against future threats.

//Service

AusCERT Education

Enhance your knowledge with our exceptional one day training offerings for individuals and organisations

Read more
Resources > Security Bulletins > ESB-2019.2917 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2019.2917
   IBM has announced a release for IBM Security Identity Governance and
    Intelligence in response to security vulnerability (CVE-2018-5391)
                               5 August 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           IBM Security Identity Governance and Intelligence
Publisher:         IBM
Operating System:  Network Appliance
Impact/Access:     Denial of Service -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2018-5391  

Reference:         ASB-2019.0060
                   ASB-2019.0041
                   ESB-2019.1793
                   ESB-2019.1630

Original Bulletin: 
   http://www.ibm.com/support/docview.wss?uid=ibm10958679

- --------------------------BEGIN INCLUDED TEXT--------------------

IBM has announced a release for IBM Security Identity Governance and
Intelligence in response to security vulnerability (CVE-2018-5391)

Product:             IBM Security Identity Governance and Intelligence
Software version:    5.2.4, 5.2.4.1
Operating system(s): Appliance
Reference #:         0958679

Security Bulletin

Summary

IBM has announced a release for IBM Security Identity Governance and
Intelligence (IGI) in response to security vulnerability. A vulnerability in
the Linux kernel, included in IBM Security Identity Governance and Intelligence
(IGI), affects the way the Linux kernel handles reassembly of fragmented IPv4
and IPv6 packets. By sending specially crafted IP fragments with random
offsets, a remote attacker could exploit this vulnerability to exhaust all
available CPU resources and cause a denial of service.

Vulnerability Details

CVEID: CVE-2018-5391
DESCRIPTION: Linux Kernel is vulnerable to a denial of service, caused by the
improper handling of the reassembly of fragmented IPv4 and IPv6 packets by the
IP implementation. By sending specially crafted IP fragments with random
offsets, a remote attacker could exploit this vulnerability to exhaust all
available CPU resources and cause a denial of service.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/
148388 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)

Affected Products and Versions

IBM Security Identity Governance and Intelligence (IGI) 5.2.4, 5.2.4.1

Remediation/Fixes

+-----------------------------------------------------+-----------------------------------------------------+------------------------------------------------------+
|Product Name                                         |VRMF                                                 |First Fix                                             |
+-----------------------------------------------------+-----------------------------------------------------+------------------------------------------------------+
|IGI                                                  |5.2.4                                                | 5.2.5.0-ISS-SIGI-FP0000                              |
+-----------------------------------------------------+-----------------------------------------------------+------------------------------------------------------+
|IGI                                                  |5.2.4.1                                              | 5.2.5.0-ISS-SIGI-FP0000                              |
+-----------------------------------------------------+-----------------------------------------------------+------------------------------------------------------+

Workarounds and Mitigations

None

Change History

09 July 2019: Original Version Published

Product Alias/Synonym

IGI
IGA

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBXUe1PWaOgq3Tt24GAQgy2BAAokD/17yuZuy00TwVMzndWO+PvhwY/PtB
Xy8ZGWpeYIYiSZ97KpRiDNXVpyBC8sT+w78DABK9fYC1pTigS8twYwF8dzGbWU9v
7yL+YzPQiqKw8VIIK9VCywTw90QiyiQ0YYNbbdhq7fIS81inKNr/xkulITHarP5B
q/lwkk6gPKqBH66Zt3Q1u6KuL2Vt0T+tHvlohcuLhjJBOEn7efccWUxf4rjVvPen
Nr2y0E6hDx1HMG91L0dlYDAGamGX8hITt1vHTFIlqCOZabkIonvjXD6toyOQRRKE
kT1BWVAuen8+CuX8st4aL1ITHX7UG9EaKOpBF2NQftM/lPgq6rJRTX6QGJUJh5LI
agTu7f4Ti+C0UJ541Yf1j31QpNIwSr496Ui2I1xL2RplCVSxcTAYEQKHQKCfzfXT
zSx9thlSXXv0vE3JeB1eSaDeozEr7hEVfjfja6HINUnCuyzs4NMZdmtFQguRBWzS
NPz4+Htua7L7pBkg/PvQ2D5V8PKPS1DwXJLjdZtyyMlCg57Q3c4miGsfwjQ9vDVP
C4EzgTpXIOztn0gQnNMG80I3v+KrfPBGShq7c2nk6edysiyXU73QEMulpsZ0iqqA
Y9IBz0gd+tm3gwz58Bm3hKl/HbhbthwjdavxxrMTKfpiN3jqXYx7FWkKyNDUv6gR
3eOzZ5Zz7/I=
=sASR
-----END PGP SIGNATURE-----